| VID |
29104 |
| Severity |
40 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco ONS platform has multiple vulnerabilities (Security Advisory 20040219). Most of the reported issues are related to various denial of service and authentication vulnerabilities:
- It is possible to open a FTP connection to the Cisco ONS platforms using any nonexistent user-name and password.
- User-names and passwords are stored in clear text in the running image database of the Cisco ONS platforms.
- The SNMP community string "public" cannot be changed in the Cisco ONS software.
- Requesting an invalid CORBA Interoperable Object Reference (IOR) via HTTP may cause the Cisco ONS platforms to reset.
- HTTP requests starting with any character other than '/' may cause the Cisco ONS platforms to reset.
- The Cisco ONS platforms have a user-name and password that can be used to gain access to the underlying VxWorks Operating System and it is not possible to change or disable this account.
- The TFTP server allows unauthenticated access to TFTP GET and PUT commands.
* Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml
http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
http://www.cisco.com/warp/public/707/ons-tos-vuln-pub.shtml
http://packetstormsecurity.nl/0402-advisories/cisco-sa-20040219-ONS.txt
* Platforms Affected:
Cisco Systems, Inc., Cisco ONS15327 prior to 4.1(3)
Cisco Systems, Inc., Cisco ONS15454 prior to 4.6(1)
Cisco Systems, Inc., Cisco ONS15454 SDH prior to 4.1(3)
Cisco Systems, Inc., Cisco ONS15600 prior to 1.3(0) |
| Recommendation |
Upgrade to the fixed Cisco ONS version, as listed in "Software Versions and Fixes" of Cisco Security Advisory (Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities) at http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml .
Upgrades should be obtained through the Software Center on Cisco's worldwide web site at http://www.cisco.com/tacpage/sw-center/sw-optical.shtml .
For details, see http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml . |
| Related URL |
CVE-2004-0308,CVE-2002-0952,CVE-2002-1553,CVE-2002-1554,CVE-2002-1555,CVE-2002-1556,CVE-2002-1557,CVE-2002-1558 (CVE) |
| Related URL |
9699,6084,6083,6082,6081,6078,6076,6073,5058 (SecurityFocus) |
| Related URL |
15266,10506,10507,10508,10509,10510,9377 (ISS) |
|
